配置类:
package com.entor.config;
import com.entor.filter.TokenFilter;
import com.entor.interceptor.TokenInterceptor;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.util.Arrays;
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(new TokenInterceptor())//添加拦截器
.excludePathPatterns("/login")//排除拦截的请求
.addPathPatterns("
@Bean
public FilterRegistrationBean filterRegistrationBean(){
FilterRegistrationBean bean = new FilterRegistrationBean();
bean.setFilter(new TokenFilter());
bean.setUrlPatterns(Arrays.asList("
public class TokenInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
//从请求头中获取token
String token = request.getHeader("Authorization");
if(token==null||token.equals("")){
throw new Exception("用户未登录");
}
Result result = JWTUtils.checkToken(token);
//认证不通过
if(result.getCode()!=0){
throw new Exception(result.getMsg());
}
//获取token中用户信息
Map data = (Map)result.getData();
String username = (String)data.get("username");
//做其他权限判断操作...
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
}
}
过滤器:
package com.entor.filter;
import com.entor.util.*;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Map;
public class TokenFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest)servletRequest;
HttpServletResponse response = (HttpServletResponse)servletResponse;
String path = request.getRequestURL() + (request.getQueryString()==null?"":"?" + request.getQueryString());
System.out.println("path:"+path);
if(path.contains("login")){//放行登录请求
filterChain.doFilter(request,response);
return;
}
//从请求头中获取token
String token = request.getHeader("Authorization");
if(token==null||token.equals("")){
PrintUtil.print(response, ResultUtil.error(ErrorEnum.UN_LOGIN));
return;
}
Result result = JWTUtils.checkToken(token);
//认证不通过
if(result.getCode()!=0){
PrintUtil.print(response, ResultUtil.error(ErrorEnum.TOKEN_OVERDUE));
return;
}
//获取token中用户信息
Map data = (Map)result.getData();
String username = (String)data.get("username");
//做其他权限判断操作...
filterChain.doFilter(request,response);
}
@Override
public void destroy() {
}
}
